In NGINX Controller versions before 3.2.0, an unauthenticated attacker with network access to the Controller API can create unprivileged user accounts. The user which is created is only able to upload a new license to the system but cannot view or modify any other components of the system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 nginx controller 1.0.1 |
||
f5 nginx controller |
||
netapp cloud backup - |